I am new spring-security I did spring authentication with ActiveDirectory, It was working after adding
<beans:bean id="myauthenticationrpovider" class="com.holcim.acl.rm.security.MyAuthoritySupplementingProvider">
<beans:constructor-arg ref="ldapActiveDirectoryAuthProvider" />
and bean code as follows
public class MyAuthoritySupplementingProvider implements AuthenticationProvider {
private AuthenticationProvider delegate;
public MyAuthoritySupplementingProvider(AuthenticationProvider delegate) {
this.delegate = delegate;
}
public Authentication authenticate(Authentication authentication) {
final Authentication a = delegate.authenticate(authentication);
//get first username and full User Name from a i.e Authentication.
Object auth = a.getPrincipal();
String username;
String userFullName;
if(auth instanceof LdapUserDetailsImpl){
LdapUserDetailsImpl userDetails = (LdapUserDetailsImpl) auth;
String[] dn = userDetails.getDn().split(",");
String[] temp = dn[0].split("=");
userFullName = temp[1];
username = ((LdapUserDetailsImpl) auth).getUsername();
logger.debug("AD Authentication done ");
logger.debug(userDetails.getDn());
logger.debug("User Full Name " + temp[1]);
logger.debug("UserName is :: "+ username);
}
// Load additional authorities and create an Authentication object
//final List<GrantedAuthority> authorities = loadRolesFromDatabaseHere();
List<AclAuthority> authorities = new ArrayList<AclAuthority>();
authorities.add(AclAuthority.ROLE_ADMIN);
return new AbstractAuthenticationToken(authorities) {
public Object getCredentials() {
throw new UnsupportedOperationException();
}
public Object getPrincipal() {
return a.getPrincipal();
}
};
}
@Override
public boolean supports(Class<?> authentication) {
return delegate.supports(authentication);
}
}
application-security.xml as follows
<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd">
<!-- HTTP security configurations -->
<http auto-config="true" use-expressions="true">
<form-login login-processing-url="/static/j_spring_security_check" login-page="/login" authentication-failure-url="/login?login_error=t" />
<logout logout-url="/static/j_spring_security_logout" />
<!-- Configure these elements to secure URIs in your application -->
<intercept-url pattern="/choices/**" access="hasRole('ROLE_ADMIN')" />
<intercept-url pattern="/member/**" access="isAuthenticated()" />
<intercept-url pattern="/resources/**" access="permitAll" />
<intercept-url pattern="/static/**" access="permitAll" />
<intercept-url pattern="/login/**" access="permitAll" />
<intercept-url pattern="/**" access="isAuthenticated()" />
</http>
<!-- Active directory authentication added by Kamlesh A. -->
<!-- LDAP server details -->
<authentication-manager>
<authentication-provider ref="myauthenticationrpovider" />
</authentication-manager>
<beans:bean id="ldapActiveDirectoryAuthProvider" class="org.springframework.security.ldap.authentication.ad.ActiveDirectoryLdapAuthenticationProvider">
<beans:constructor-arg value="in.mycompany.net" />
<beans:constructor-arg value="ldap://XXX.XXX.XXX.XXX:PPP" />
<!--<beans:property name="authoritiesMapper" ref="grantedAuthoritiesMapper" />-->
<beans:property name="useAuthenticationRequestCredentials" value="true" />
<beans:property name="convertSubErrorCodesToExceptions" value="true" />
</beans:bean>
<beans:bean id="myauthenticationrpovider" class="com.holcim.acl.rm.security.MyAuthoritySupplementingProvider">
<beans:constructor-arg ref="ldapActiveDirectoryAuthProvider" />
</beans:bean>
</beans:beans>
I have gone through so questions
Spring Security redirect to previous page after successful login as well as
Unexpected redirect to login page after successful login
after successfull login it takes to
http://localhost:8080/static/j_spring_security_check
But if I try to open anyother url it again take to login